This privacy policy explains how we collect, use, store, disclose, and protect your personal data. The policy applies to all our operations.
We comply with applicable legislation in this area, such as the General Data Protection Regulation (GDPR). In this text, we use the Swedish name, Dataskyddsförordningen.
The purpose of the law is to protect the individual’s right to privacy, which is a fundamental human right. Individuals’ privacy must not be violated when personal data is processed. This means we may only process your personal data if there is legal support or if you have given your consent.
Göteborgsregionens Internationella Skola AB (ISGR), organization number 556527-5657, is the data controller and is responsible for ensuring that your personal data is processed correctly and lawfully.
Personal data is any information that can be linked to a living individual, either directly or indirectly. Examples include name, address, or personal identification number. Health information and political opinions are also considered personal data, as well as images, videos, and audio recordings.
Processing personal data means any action performed on personal data, such as collecting, creating, storing, deleting, sharing, archiving, or copying.
In most cases, you provide it yourself when you participate in training, a project, a network, or when we handle a matter for you. Sometimes we receive your personal data from others, such as authorities, municipalities, or companies.
Examples of personal data processed by ISGR include:
ISGR is subject to the principle of public access. This means that personal data submitted to us is generally considered public documents. Anyone has the right to request and read them unless they are classified as confidential. Confidential information includes personal or financial circumstances and health details.
ISGR needs your data to fulfill our mission. This may involve administration when you register for or participate in a course, or when you are part of a network or project we manage. Sometimes we need your data to fulfill contractual obligations. Some data is used for statistics, but then it is anonymized.
All processing is based on a legitimate purpose, and we do not share your data for commercial purposes.
If we need to process your personal data for a reason other than the original purpose, you will be informed before the new processing begins.
Whenever ISGR processes personal data, there is always a legal basis, and we do not handle more data than necessary. The legal basis depends on the type of processing. ISGR relies on the following legal grounds:
We follow the principles of the GDPR. You have the right to know what data we process about you, your data must be secure, and we do not process it for purposes other than those stated. We do not process more than necessary or keep your data longer than required.
Read more in GDPR Article 5.
We keep your personal data until the purpose of the processing has been fulfilled. After that, it may still be stored if laws require it, such as the Accounting Act or the Archives Act.
Who has access to your data? ISGR employees who need it to perform their duties. In some cases, we share your personal data with external organisations such as the Swedish Tax Agency.
Your rights depend on the legal basis for the processing. In some cases, we cannot fulfill your request.
Right of access: You may request information about what personal data we process. Email: dpo@staff.isgr.se.
Right to rectification, erasure, or restriction: You may request correction or deletion of your data.
Withdrawal of consent: You can withdraw your consent at any time.
Right to lodge a complaint: You may contact IMY if you are not satisfied with how we process your data.
ISGR maintains a record of all personal data processing activities, including legal basis, responsibilities, storage, and deletion procedures. This record can be provided to IMY on request.
ISGR works to meet GDPR security requirements. Security measures depend on the type of data, risks, and technical possibilities.
If we process your personal data outside the EU/EEA, we will inform you.
When you contact us via social media, your information is transferred to third countries. ISGR cannot delete this data or guarantee GDPR-level protection.
If you want to remain anonymous or have a protected identity, contact ISGR by phone. Do not include personal information when submitting anonymous feedback.
Email is not secure for sensitive information such as personal ID numbers, bank accounts, or login credentials. Special categories (health, religion, ethnicity, political views, sexual orientation) require legal basis or explicit consent.
To object, request corrections, erasure, or a register extract:
Email: isgr@isgr.sePhone: +46 (0)31 708 92 50
For identity-sensitive requests, you must provide ID. Register extracts are mailed to your home address.
Data Protection Officer: dpo@staff.isgr.se
More information: Visit IMY.